//package com.woniu.mgr.config;
//
//import com.woniu.mgr.components.LoginErrorHandler;
//import com.woniu.mgr.components.LoginSuccessHandler;
//import com.woniu.mgr.util.WebUtil;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.access.AccessDeniedException;
//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.crypto.password.PasswordEncoder;
//import org.springframework.security.web.access.AccessDeniedHandler;
//
//import javax.annotation.Resource;
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//
//@Configuration
//@EnableGlobalMethodSecurity(prePostEnabled = true)
//public class SecurityConfig extends WebSecurityConfigurerAdapter {
//
//    @Resource
//    private LoginSuccessHandler loginSuccessHandler;
//
//    @Resource
//    private LoginErrorHandler loginErrorHandler;
//
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//
//        http.httpBasic().disable()//禁用httpBasic验证
//                //关闭浏览器内部窗口的安全参数
//                .headers().frameOptions().disable()
//                .and()      //关闭csrf的拦截
//                .csrf().disable()
//                .authorizeRequests()//开始配置认证请求
//                .antMatchers("/html/login.html","/js/**","/css/**","/img/**","/html/**").permitAll()//放过哪些请求
//                .anyRequest().authenticated()//其他请求都执行验证
//                .and()
//                .formLogin()//表单登录
//                .loginPage("/login.html")//登录页面
//                .loginProcessingUrl("/login")//登录接口
//                .successHandler(loginSuccessHandler) //成功处理
//                .failureHandler(loginErrorHandler) //失败处理
//
//                .and()
//                .exceptionHandling()
//                .accessDeniedHandler(accessDeniedHandler());
//    }
//
//    @Bean
//    public AccessDeniedHandler accessDeniedHandler() {
//        return new AccessDeniedHandler(){
//
//            @Override
//            public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) throws IOException, ServletException {
//                WebUtil.json(403,"你无权访问该资源",httpServletResponse);
//            }
//        };
//    }
//
//
//
//
//
//
//    /**
//     * 密码解析器
//     * @return
//     */
//    @Bean
//    public PasswordEncoder createPasswordEncoder() {
//        return new BCryptPasswordEncoder();
//    }
//}
